Tekst.ai helps companies in boosting their customer support. This is only possible if our software is a safe and reliable place for your data. That’s why information security is a top priority for us. On this page, you can find more information about how we guarantee security and reliability of your data.
For general questions about our system, infrastructure or information security, please reach out to firstname.lastname@example.org. For inquiries related specific to data protection and privacy you can contact our DPO at email@example.com
Is Tekst.ai always up and running?
At Tekst.ai, we understand how important it is to maintain a high level of uptime and availability for our customers. That's why we prioritize the monitoring of all our microservices to ensure that our systems are up and running smoothly. Our team works tirelessly to prevent any incidents or downtime, but in the unlikely event that an issue does occur, our team is immediately notified in real-time. We take these notifications very seriously and respond with the highest urgency to resolve any issues as quick as possible.
What if there is downtime?
At Tekst.ai, we understand that any technical issue or downtime can be disruptive to your business operations. In the event of any technical hiccups, our team is commited to providing an open line of communication and keeping our customers informed about the status of the issue. We prioritize resolving any issues as quickly as possible to minimize any disruption to your workflow. We understand the importance of your business operations and work diligently to maintain the highest standards of uptime and availability.
Data and GDPR
We provide a secure and isolated environment for all our customers. This means that your data is never combined with that of other customers and is only used to create a custom models for you. We ensure the highest level of data security by encrypting all data in transit (using SSL/HTTPS) and at rest (using AES encryption).
The cloud is solely used for streaming purposes and we never store any personally identifiable information (PII) on the cloud. Instead, we store only anonymized versions of your data and metrics. Our processing procedures prioritize data minimization, which means we only process the minimum amount of data necessary to make accurate predictions. For instance, we immediately discard attachments that are not needed for prediction purposes.
In case some personal identifiable information (PII) may need to be stored for specific purposes. However, we never store PII on the cloud. Instead, we store such data in a secure and isolated "cold" storage environment that is not accessible over the internet.
Our commitment to data security means that we take every precaution to ensure that your data is safe and secure at all times. By utilizing the cloud in a streaming-only capacity and implementing data minimization strategies, we minimize the risk of data exposure or breaches, providing you with the highest level of data privacy and protection.
At Tekst.ai, we understand that different companies may have varying data retention policies. That's why we offer the option to customize your data retention policies, allowing you to not only comply with GDPR requirements but also align with your own company's policies to ensure that it is handled in accordance with your specific needs and requirements.
Tekst.ai leverages Amazon Web Services (AWS) infrastructure to power our services. Our systems are hosted in data centers located in Ireland and Paris, and we exclusively use AWS systems located within the EU. We can also accommodate customer requests to use other data centers upon request.
Our systems are regularly tested to ensure that we are following the latest best practices. By utilizing AWS data centers, our infrastructure is accredited for a wide range of security standards, including:
- SOC 1 / ISAE 3402
- SOC 2
- SOC 3
- FISMA, DIACAP, and FedRAMP
- CSM Levels 1-5
- PCI DSS Level 1
- ISO 9001 / ISO 27001
More info on AWS security can be found here.
Our code is containerized, which allows for easy scalability and platform independence. Upon customer request, we can also deploy our services on Microsoft Azure.
We provide secure access to our core services through HTTPS only. Authentication and authorization are provided through the OAuth 2.0 protocol, which allows for secure and scoped access to the different functionalities of our product. We follow the principle of least privilege, ensuring that every user has access only to the exact resources they need.
Authentication is provided by Auth0, which has attained broad information security certification.
With our product improving everyday there is a strong emphasize on delivering quality. There are numerous secure development procedures in place of which the following;
- Leveraging broad unit, integration and end-to-end tests.
- Utilizing vulnerability scanners and linters to deliver only secure code that meets our high-quality standards.
- Implementing strict code reviews for every addition or change to the codebase.
Our commitment to secure development doesn't stop after delivery. We have a strong monitoring system in place, which allows us to detect any remaining opportunities for improvement. In the event of any security or availability issues, our team is notified immediately, along with the corresponding logs and traces. This enables our team to resolve any issues quickly, ensuring that our customers can always rely on our products and services.
We actively encourage our users to report any bugs or security issues they encounter. By doing so, they help us improve and secure our intelligent routing. We strive to process and respond to all reports as quickly as possible.